{"id":17214744,"url":"https://github.com/markfarrell/3tier","last_synced_at":"2025-09-07T23:38:05.613Z","repository":{"id":43962773,"uuid":"228925409","full_name":"markfarrell/3tier","owner":"markfarrell","description":"[Archived] A prototype 3-tier web application written in PureScript.","archived":false,"fork":false,"pushed_at":"2022-12-11T01:01:11.000Z","size":4536,"stargazers_count":7,"open_issues_count":4,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-08-08T01:20:58.861Z","etag":null,"topics":["3-tier","centralized-logging","functional-programming","incident-management","intrusion-detection","javascript","nodejs","owasp-top-10","proof-of-concept","prototype","purescript","risk-management","security-audit","security-risks","siem","type-theory","web-application"],"latest_commit_sha":null,"homepage":"","language":"PureScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/markfarrell.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-12-18T21:35:52.000Z","updated_at":"2022-12-29T18:49:00.000Z","dependencies_parsed_at":"2023-01-26T13:16:55.042Z","dependency_job_id":null,"html_url":"https://github.com/markfarrell/3tier","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/markfarrell/3tier","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/markfarrell%2F3tier","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/markfarrell%2F3tier/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/markfarrell%2F3tier/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/markfarrell%2F3tier/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/markfarrell","download_url":"https://codeload.github.com/markfarrell/3tier/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/markfarrell%2F3tier/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274112459,"owners_count":25224325,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-07T02:00:09.463Z","response_time":67,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["3-tier","centralized-logging","functional-programming","incident-management","intrusion-detection","javascript","nodejs","owasp-top-10","proof-of-concept","prototype","purescript","risk-management","security-audit","security-risks","siem","type-theory","web-application"],"created_at":"2024-10-15T03:05:29.267Z","updated_at":"2025-09-07T23:38:05.564Z","avatar_url":"https://github.com/markfarrell.png","language":"PureScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 3tier\nA prototype 3-tier web application written in PureScript. Currently extracting re-usable parsing/validation, FFI, control flow, DSL, and event collection packages for a follow-up / future project(s).\n\n**Current Status: (Archived)**\n \n*In a follow-up project with analogous overarching goals: I would like to develop a model SIEM/IDS software solution (as a 3-tier web application) written in PureScript, e.g. like a model / lightweight FOSS alternative to Splunk. I would like to continue to explore and evaluate of PureScript and formal methods to manage and \"provably\" mitigate OWASP Top 10 web application security risks as well. In the near future, I would like to finish: transitioning the current iteration of this project for future projects, conduct a final post-mortem analysis, and review / revise the lessons learned throughout the duration of this project for an analogous future project.* \n\n## Contents\n- [Proposal](##proposal)\n  * [Purpose](##purpose)\n  * [Introduction](##introduction)\n    * [Diagram of 3-Tier Architecture](##diagram) \n  * [Goals](##goals)\n    * [Tier 3](##tier-3)\n    * [Tier 2](##tier-2)\n    * [Tier 1](##tier-1)\n  * [Schedule](##schedule)\n  * [Issues](##issues)\n  * [Timeline](##timeline)\n\n## Proposal\n\n##### Purpose\n\n\u003cp align=\"justify\"\u003e\nFileless Malware and Insider Threat incidents are currently causing significant disruptions to the services and operations of industries employing IT. For example, Fileless Malware attacks are currently costing industries, such as healthcare and finance, millions upon millions of dollars due to successful Fileless Malware attacks (e.g. SAMSAM and GoLacker). According to reputable sources, we are currently seeing a dramatic rate of increase in Fileless Malware incidents reported across industries employing IT (\u003ca href=\"https://www.trendmicro.com/vinfo/us/security/news/security-technology/risks-under-the-radar-understanding-fileless-threats\"\u003eTrendMicro,2019\u003c/a\u003e), and it is possible that the majority of successful cyberattacks now involve Fileless Malware incidents that are currently occurring undetected by targeted organizations (\u003ca href=\"https://www.carbonblack.com/resources/definitions/what-is-fileless-malware/\"\u003eCarbon Black, 2019\u003c/a\u003e). Our motivational goal for this project is to research \u0026 develop a model SIEM/IDS software solution (as a 3-tier web application), that can applied to faciliate security risk management for these types of threats. We are currently seeking contributors to assist in the development, testing, and project management for the current prototype of our 3-tier application. \n\u003c/p\u003e\n\n#### Introduction\n\n\u003cp align=\"justify\"\u003e\nOur current overarching goal for this project is to develop a model SIEM/IDS solution written in PureScript.\nIt is intended to be implemented and deployable as a 3-tier web application, with the goal of exploring the use of PureScript and formal methods to provably mitigate OWASP Top 10 web application security risks within the application.\nThe \u003cb\u003epresentation-tier\u003c/b\u003e is intended to faciliate incident management \u0026 response for incidents triggered by detecting anomalous behaviours of entities on a network, derived from forwarded \u0026 audited events.\nThe \u003cb\u003eapplication-tier\u003c/b\u003e is intended to faciliate centralized logging of traffic/gateway events, Linux Auditing System events, and Windows Security event, and e.g. vulnerability scan results.\nThe \u003cb\u003edata-access tier\u003c/b\u003e is intended to faciliate analytics \u0026 reporting on forwarded \u0026 audited events, as well as:\ne.g. security risk management, disaster recovery, and business continuity.\nThe current prototype development \u0026 testing for our 3-tier application  was modeled / inspired by the idea of developing e.g. a model \u0026 lightweight FOSS alternative to Splunk, which we summarize with the following diagram of our proposed 3-tier architecture.\n\u003c/p\u003e\n\n##### Diagram\n\n![Diagram of 3-Tier Architecture](./README/diagram.svg)\n\n#### Goals\n\n##### Tier 3\n\n*\tAwaits *Tier 3* resource requests to retrieve statistics reports about forwarded \u0026 audited events.\n*\tAwaits *Tier 3* resource requests to store forwarded and audited events, abstracting over a suitable choice of DBMS backend(s).\n*\tAudits all incoming *Tier 3* resource requests according to specification.\n*\tEnforces authentication, authorization/access control, and project risk management policies for *Tier 3* resource requests.\n\n##### Tier 2\n\n*\tEmits *Tier 3* resource requests to retrieve statistics reports about forwarded \u0026 audited events.\n*\tAwaits *Tier 2* resource requests to retrieve statistics reports at the report route(s) defined by the backend web application.\n*\tAwaits *Tier 2* resource requests to forward Windows Security Event Log and Linux Auditing System data in JSON format at the forward route(s) defined by the backend web application.\n*\tAwaits *Tier 2* traffic/gateway event data in JSON format, e.g. flow records in SiLk *rwfilter/rwcut* format at the appropriate forward route defined by the backend web application.\n*\tAudits all incoming *Tier 2* resource requests according to specification.\n*\tEmits *Tier 3* resource requests to store audited \u0026 forwarded events after parsing \u0026 validation.\n*\tEnforces authentication, authorization/access control, and project risk management policies for *Tier 2* resource requests.\n\n##### Tier 1\n\n*\tEmits *Tier 2* resource requests to retrieve statistics reports about forwarded \u0026 audited events.\n* Awaits *Tier 1* resource requests to retrieve summary reports about forwarded \u0026 audited events (e.g. in feature matrix format). \n*\tTriggers alerts, e.g. based on application-defined rules and/or automated document classification approaches, from sets of *Tier 2* statistics reports.\n*\tAwaits *Tier 1* resource requests to poll and view triggered alerts at the report route(s) defined by the frontend web application.\n*\tAwaits *Tier 1* resource requests to push and forward triggered alerts to an incident response platform, such as PagerDuty or JIRA, at the forward route(s) defined by frontend web application.\n*\tAudits all incoming *Tier 1* resource requests according to specification.\n*\tEnforces authentication, authorization/access control, and project risk management policies for *Tier 1* resource requests.\n\n#### Schedule\n\nSee [milestones](https://github.com/markfarrell/3tier/milestones).\n\n#### Issues\n\nSee [issues](https://github.com/markfarrell/3tier/issues).\n\n#### Timeline\n\nSee [timeline](./README/timeline.png).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarkfarrell%2F3tier","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmarkfarrell%2F3tier","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarkfarrell%2F3tier/lists"}